Follow by Email

Friday, July 18, 2014

How elite hackers (almost) stole the NASDAQ

In 2010, elite hackers, most likely from Russia, used at least two
zero-day vulnerabilities to penetrate the computer network operated by
Nasdaq Stock Market, a hack that allowed them to roam unmolested for
months and plant destructive malware designed to cause disruptions,
according to a media report published Thursday.
The intrusion initially caught the attention of officials inside the
National Security Agency, the Central Intelligence Agency, and
departments of Defense, Treasury, and Homeland Security for two reasons,
Bloomberg Businessweek journalist Michael Riley reported in an article
headlined How Russian Hackers Stole the Nasdaq.
One, it appeared to be the work of hackers sponsored by Russia or
another powerful nation-state. Two, far from the typical espionage
campaigns that merely siphon out secret data, the malware involved in
the attack contained what early on appeared to be a digital bomb that
could cause serious damage.
Riley’s 3,100-word cover article traces the resulting federal
investigation, which also involved the FBI, Secret Service, the National
Cybersecurity and Communications Integration Center, and on at least
three occasions, briefings provided to President Barack Obama.
Ultimately, analysis of the malware showed its capabilities were less
destructive than earlier believed, but there was still cause for
concern. As Ars reported
last year, it came around the same time that five eastern European men
allegedly breached networks belonging to Nasdaq and at least seven other
financial institutions. According to federal prosecutors, one of the
suspects, upon gaining persistent control over the world’s second
biggest stock exchange, proclaimed “NASDAQ is owned.”